Sylius Latest Vulnerabilities

Payment Manipulation Vulnerability in PayPal Plugin for Sylius

CVE-2025-30152

SyliusPaypalplugin6.5MEDIUM

Payment Manipulation in Sylius PayPal Plugin by Sylius Core Team

CVE-2025-29788

SyliusSylius PayPal Plugin

Rate Limiting Vulnerability in Sylius by Sylius

CVE-2024-57610

SyliusSylius👾🟡7.5HIGH

Anonymity in Blockchain: Balancing Privacy and Security

CVE-2021-3841

SyliusSylius/sylius5.4MEDIUM

Security Vulnerability in Sylius eCommerce Framework Could Lead to Guest Customer Information Access

CVE-2024-40633

SyliusSylius5.3MEDIUM

Cross-Site Scripting Vulnerability in Sylius eCommerce Platform

CVE-2024-34349

SyliusSylius4.8MEDIUM

SQL Injection through sorting parameters in SyliusGridBundle

CVE-2022-24752

SyliusSyliusgridbundle9.8CRITICAL

Basic Cross-site Scripting and Unrestricted Upload of File with Dangerous Type in Sylius

CVE-2022-24749

SyliusSylius6.1MEDIUM

Insufficient Session Expiration in Sylius

CVE-2022-24743

SyliusSylius7.1HIGH

Exposure of Sensitive Information Due to Incompatible Policies in Sylius

CVE-2022-24742

SyliusSylius5MEDIUM

Improper Restriction of Rendered UI Layers or Frames in Sylius

CVE-2022-24733

SyliusSylius6.1MEDIUM

Unauthorized access to Credit card form in sylius/paypal-plugin

CVE-2021-41120

SyliusPaypalplugin7.5HIGH

List of order ids, number, items total and token value exposed for unauthorized uses via new API

CVE-2021-32720

SyliusSylius5.3MEDIUM

Email verification bypass in Sylius

CVE-2020-15245

SyliusSylius4.3MEDIUM

Remote Code Execution in SyliusResourceBundle

CVE-2020-15143

SyliusSyliusresourcebundle7.7HIGH

Remote Code Execution in SyliusResourceBundle

CVE-2020-15146

SyliusSyliusresourcebundle9.6CRITICAL

Ability in Sylius to switch channels via GET parameter enabled in production environments

CVE-2020-5218

SyliusSylius4.4MEDIUM

Ability to expose data in Sylius by using an unintended serialisation group

CVE-2020-5220

SyliusSyliusresourcebundle4.4MEDIUM

XSS Vulnerability in Sylius E-commerce Platform

CVE-2019-12186

SyliusGrid4.8MEDIUM

Internal exception message exposure for login action in Sylius

CVE-2019-16768

SyliusSylius3.5LOW

sylius Latest Vulnerabilities

Vulnerability Published:

Sort By:

19 March 2025

Payment Manipulation Vulnerability in PayPal Plugin for Sylius

17 March 2025

Payment Manipulation in Sylius PayPal Plugin by Sylius Core Team

6 February 2025

Rate Limiting Vulnerability in Sylius by Sylius

15 November 2024

Anonymity in Blockchain: Balancing Privacy and Security

17 July 2024

Security Vulnerability in Sylius eCommerce Framework Could Lead to Guest Customer Information Access

14 May 2024

Cross-Site Scripting Vulnerability in Sylius eCommerce Platform

15 March 2022

SQL Injection through sorting parameters in SyliusGridBundle

14 March 2022

Basic Cross-site Scripting and Unrestricted Upload of File with Dangerous Type in Sylius

Insufficient Session Expiration in Sylius

Exposure of Sensitive Information Due to Incompatible Policies in Sylius

Improper Restriction of Rendered UI Layers or Frames in Sylius

5 October 2021

Unauthorized access to Credit card form in sylius/paypal-plugin

28 June 2021

List of order ids, number, items total and token value exposed for unauthorized uses via new API

19 October 2020

Email verification bypass in Sylius

20 August 2020

Remote Code Execution in SyliusResourceBundle

Remote Code Execution in SyliusResourceBundle

27 January 2020

Ability in Sylius to switch channels via GET parameter enabled in production environments

Ability to expose data in Sylius by using an unintended serialisation group

31 December 2019

XSS Vulnerability in Sylius E-commerce Platform

5 December 2019

Internal exception message exposure for login action in Sylius